Adding a second TLS implementation

Mathew Heard mat999 at
Thu Feb 11 02:28:29 UTC 2021


BoringSSL is already for the most part supported (in code, if not
officially) if I am not mistaken

On Thu, 11 Feb 2021 at 12:02, Kevin Burke <kevin at> wrote:

> Hi,
> There has been a recent push by some members of the security community to
> try to make more critical code run in memory safe languages, because of the
> high prevalence of security issues related to memory safety, for example,
> use-after-free, double-free or heap buffer vulnerabilities.
> In that light, I was wondering if you'd be open to adding a second TLS
> implementation that could be used in place of OpenSSL. Ideally, the target
> would be a TLS implementation in a memory safe language, for example,
> rustls, available at Curl just merged a
> patch to support the rustls backend.
> This would require a lot of changes to make the TLS implementation
> portable so before investigating it I figured I would see if you're open to
> it at all.
> Kevin
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx-devel mailing list